ozmanjusri writes: "Proof-of-concept code for exploiting a recently discovered flaw has appeared on a hacking website after it was shared with Microsoft Active Protections Program partners. The code for the Remote Desktop Protocol vulnerability appears to have leaked from one of the security companies that get advance warnings about security holes in Windows.

The incident brings into question Microsoft's program, which is intended to alert security partners before the patches themselves are released. The idea is to give them time to prioritise and test the fixes, however in this instance, it left their customers vulnerable."